Replace MC3003 lab computer

Purpose

As part of the CSCF overall evergreening process ...

Plan

From: Edward Chrzanowski <edward.chrzanowski@uwaterloo.ca>
To: Trevor Grove <trevor.grove@uwaterloo.ca>
CC: David Gawley <dave.gawley@uwaterloo.ca>, "snickers@cs.uwaterloo.ca"
   <snickers@cs.uwaterloo.ca>, Lawrence E Folland
   <lawrence.folland@uwaterloo.ca>
Subject: MikeP, lab machines, security, chairs,  scheduling, et al.
Date: Thu, 12 Apr 2012 12:47:46 -0400

[ ... ]

I put in an RT to pat Kaldwell to engage the electronic locks on the doors for MC3003, MC3005, and MC3027.

MC3003 - new machines and renovations
MC3027 - machine swap and machine surplussing
MC3005 - on behalf of Phil - next Thursday we be receiving new chairs in the lab

Dan does not want to install security tabs on the new machines in MC3003.  It will cost $5.00 for each new tab
plus 15 minutes of a persons time to install.  For the time being we will be relying on the security plates
until the school/management decides on the best course of action for security in the rooms.


Procedure for the next 2 weeks.
1.) MC3027 machines will be zeroed in place, security tabs removed, and then surplussed.  Other people
    can also work in MC3003
2.) MC3003 machines will have to be removed and stored in the back of the room until the machines in MC3027
    are zeroed and 30 machines can replace them.  If time allows, we can also zero the drives on the machines
    in MC2062 (wiring closet) since they are of an older vintage (1 year older than MC3027).  The 30 machines
    from MC3003 that are not being surplussed can then be moved into MC2062 wiring closet for storage
    or MC3026) where there is room.
3.) new machines installed in MC3003 and possibly wiring trays on tables (similar to MC3005).  We might not
     install the new machines until Dan finishes wiring.
4.) install 30 machines from MC3003 into MC3027, reattach security, and the HP switch will need to have the
    ports unlocked (different mac addresses) and then locked again - or should they be unlocked before we
    zero the machines (the switches in MC3003?).
5.) corral the worst chairs in MC3005 and MC3027 for tossing out and install new chairs.
6.) reimaging of the new machines should start April 23rd.  (the apple servers will have to be updated with
    patches and new deploystudio)
7.) we can open up MC3005 as soon as the new chairs are installed (if necessary).  If time allows we will
     install the new image on the other lab machines.

some notes:
    - we will have to reuse 64 ip addresses from 129.97.51 network for the new machines in MC3003
    - I would like to reimage all the macs at the end of August with an updated image (security patches, 
      macports etc.).
    - we will stick with the unicast monolithic model of image distribution for MC3003.

ED C

Ideal Scenario

Choosing a system hardware specification

• get current retail pricing
• initiate conversation with vendors for discounts
• review course performance requirements
• determine performance requirements (e.g. memory, video, disk, CPU)

Order computers

• depending on price level, may require RFP or more formal process
• order an image-development system to arrive ASAP (if not timely with respect to full order)

Receiving and processing

• inventory (scanning and recording):
  • scan barcodes on boxes to obtain serial number and MAC address;
  • assign barcode numbers and attach stickers

• storage until deployment
  • repackage if necessary for storage
  • otherwise, store systems

Develop a new image

• review current image
  • look at packages in the current system image,
    • determine course requirements from ISG and other significant users
• add/delete per course requirements
• build new image on new hardware
  • use DeployStudio
  • do all pending security updates from Apple
  • bind to AD
• testing new image
  • need another instance of new hardware
  • test deployment with DeployStudio

Room preparation

• new networking (switches)
  • consult with CSCF infrastructure on potential network upgrades
  • plan new desktop cabling
• new chairs
  • consult with CSCF infrastructure on replacing chairs and/or furniture

• remove old computers
  • unbolt security plates
  • undo alarm security tabs

• store old computers
  • think about whether to reimage immediately viz a viz the backout plan

• alarm system modification * review romm availability & whether to enable automatic alarm arming

Inventory and network preparation

• add new system to inventory
  • if necessary, without IP addresses
• determine set of IP addresses to use
  • recover from systems being removed
• update inventory with new IP
• confirm DHCP reservations

Deployment

Develop deployment schedule

• determine first availability of rooms (end of exams, confer with ISG)

Hardware

• unpacking
• installation
  • connecting mouse keyboard, power, - security bracket - security tabs

Networking

• undo port lockdown
• new edge wiring
• reconnect old edge wiring
• confirm port lockdown on switch
• physical connection security

Software

• establish DNS configuration (name, IP, MAC)
• DeployStudio to establish network parameters
• push image
• establish ARD
• run script to rename and bind to AD
• reboot
• confirm

Post-deployment cleanup

• modify alarm systesm
• room cleanup (custodial)